2 matches found
Design/Logic Flaw
An incorrect default permission vulnerability exists in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. The UpgradePrepare is the API that checks if a provided filename identifies a new version of the RLC-410W firmware. If the version is new, it would be...
CVE-2021-31519
CVE-2021-31519 concerns Trend Micro HouseCall for Home Networks, affected through version 5.3.1179 and earlier. The root cause is incorrect permissions on product installer folders, permitting an attacker who can run low-privileged code to place arbitrary code in a folder that could be executed b...